Описание
missing SFTP host verification with wolfSSH
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | code not compiled |
| esm-infra-legacy/trusty | not-affected | code not compiled |
| esm-infra/bionic | not-affected | code not compiled |
| esm-infra/focal | not-affected | code not compiled |
| esm-infra/xenial | not-affected | code not compiled |
| jammy | not-affected | code not compiled |
| noble | not-affected | code not compiled |
| plucky | not-affected | code not compiled |
| questing | not-affected | code not compiled |
| upstream | released | 8.17.0 |
Показывать по
10
EPSS
Процентиль: 3%
0.0002
Низкий
4.3 Medium
CVSS3
Связанные уязвимости
CVSS3: 4.3
nvd
13 дней назад
curl's code for managing SSH connections when SFTP was done using the wolfSSH powered backend was flawed and missed host verification mechanisms. This prevents curl from detecting MITM attackers and more.
CVSS3: 4.3
debian
13 дней назад
curl's code for managing SSH connections when SFTP was done using the ...
CVSS3: 4.3
github
13 дней назад
curl's code for managing SSH connections when SFTP was done using the wolfSSH powered backend was flawed and missed host verification mechanisms. This prevents curl from detecting MITM attackers and more.
EPSS
Процентиль: 3%
0.0002
Низкий
4.3 Medium
CVSS3